[LUAU] Eek, major PHP remote exploit bug
Julian Yap
julian_yap at yahoo.com
Thu Jan 6 11:57:41 PST 2011
This bug leads to a PHP/server hang.
Bug:
http://bugs.php.net/bug.php?id=53632
More discussion:
http://news.ycombinator.com/item?id=2066084
http://www.theregister.co.uk/2011/01/04/weird_php_dos_vuln/
Looks to effect 32-bit systems running various 5.x versions of PHP.
I was able to reproduce it.
$ php -v
PHP 5.3.3 (cli) (built: Dec 14 2010 13:31:51)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
$ php -r "print 2.2250738585072011e-308;"
... hang!
More information about the LUAU
mailing list